Developing software from scratch could be very complex, expensive and unnecessary. APIs are interfaces that help us connect already developed services, which have been created for other projects and following some standards, connect them with ours to create a bigger one.
Using different APIs, Prometeo can accesses domain banks, bank accounts and their movements.
Prometeo can log in, show personal and multi-managed accounts, show account movements, bank transfers, detail data from different financial institutions and show data of them.
For each request you make to the API, Prometeo will return a JSON (code structure that we’ll explain later) with the information you need to continue developing your product. If the language you chose to develop isn’t in the examples, contact us and we’ll help you.
To access our testing environment, contact us at info@prometeoapi.com
POST /login/
Parameters | Description |
---|---|
provider |
It’s the name of the bank or the financial institution. In lower case (test, brou, santander, edenred, santander_mx, banco_general). |
username |
Identification document or username for the login to the home banking. |
password |
password to the financial institution web for the user. |
Status | Description |
---|---|
status |
|
key |
Authentication code. It must be used in all the requests. It isn’t present if the response is an error status. |
POST /login/? HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: X-API-Key: <api key> provider=test&username=12345&password=gfdsa
{ "status" : "logged_in" "key" : "163d06b2-3378-4383-9868-71c2b6fb28da", }
{"status": "wrong_credentials"}
To beef up the security system, some financial institutions need a user interaction as a otp token, security questions or 2FA.
{ "context": "How many bathrooms my parent's house had?", "field": "personal_question", "key": "be612b0a-c972-4fb1-bb16-798956a3efa1", "status": "interaction_required" }
POST /login/? HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key> provider=test&username=12345&password=asdfg&personal_question=uno
curl -X POST "https://test.prometeo.qualia.uy/login/?" -d 'provider=test&username=12345&password=gfdsa' -H "X-API-Key: <api key>"
{ "status" : "logged_in" "key" : "163d06b2-3378-4383-9868-71c2b6fb28da", }
{"status": "wrong_credentials"}
To beef up the security system, some financial institutions need a user interaction as a otp token, security questions or 2FA.
{ "context": "How many bathrooms my parent's house had?", "field": "personal_question", "key": "be612b0a-c972-4fb1-bb16-798956a3efa1", "status": "interaction_required" }
curl -X POST "https://test.prometeo.qualia.uy/login/?" -d 'provider=test&username=12345&password=asdfg&personal_question=uno' -H "X-API-Key: <api key>"
import requests requests.post('https://test.prometeo.qualia.uy/login/', headers={'X-API-Key': '<api key>'}, data={ "provider": "test", "username": "12345", "password": "gfdsa" })
{ "status" : "logged_in" "key" : "163d06b2-3378-4383-9868-71c2b6fb28da", }
{"status": "wrong_credentials"}
To beef up the security system, some financial institutions need a user interaction as a otp token, security questions or 2FA.
{ "context": "How many bathrooms my parent's house had?", "field": "personal_question", "key": "be612b0a-c972-4fb1-bb16-798956a3efa1", "status": "interaction_required" }
requests.post('https://test.prometeo.qualia.uy/login/', headers={'X-API-Key': '<api key>'}, data={ "provider": "test", "username": "12345", "password": "asdfg", "personal_question": "uno" })
var request = require('request'); request.post({ "url": "https://test.prometeo.qualia.uy/login/", "json": true, "headers": { "X-API-Key": "<api key>" }, "form": { "provider": "test", "username": "12345", "password": "gfdsa" } });
{ "status" : "logged_in" "key" : "163d06b2-3378-4383-9868-71c2b6fb28da", }
{"status": "wrong_credentials"}
To beef up the security system, some financial institutions need a user interaction as a otp token, security questions or 2FA.
{ "context": "How many bathrooms my parent's house had?", "field": "personal_question", "key": "be612b0a-c972-4fb1-bb16-798956a3efa1", "status": "interaction_required" }
var request = require('request'); request.post({ "url": "https://test.prometeo.qualia.uy/login/", "json": true, "headers": { "X-API-Key": "<api key>" }, "form": { "provider": "test", "username": "12345", "password": "asdfg", "personal_question": "uno" } });
GET /client/
Points to consider
Clients are accounts associated to a user. A user could have more than one associated accounts. It’s frequent that an account has two owners.
The users without associated clients don’t show information. It isn’t necessary to ‘Select Client’ you can go straight to Endpoint /account/
Parameters | Description |
---|---|
key |
Authentication code. It must be used in all the requests. |
GET /client/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key>
curl -X GET "https://test.prometeo.qualia.uy/client/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/client/', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" })
{ "status":"success", "clients":{ "0":"First Client", "1":"Second Client" } }
{ "status":"success", "clients":{ "0":"First Client", "1":"Second Client" } }
GET /client/ <id>/
Parameters | Description |
---|---|
key |
Authentication code. It must be used in all the requests. |
Response | Description |
---|---|
status |
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/client/20727/", "json": true, "headers": { "X-API-Key": "<api key>" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
curl -X GET "https://test.prometeo.qualia.uy/client/20727/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/client/20727/', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" })
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/client/20727/", "json": true, "headers": { "X-API-Key": "<api key>" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
{ "status" : "success" }
GET /account/
Parameters | Description |
---|---|
key |
Authentication code. It must be used in all the requests. |
Response | Description |
---|---|
status | |
accounts |
accounts list. |
The example shows a successful response of a Santander bank account that has four different accounts.
GET /account/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key>
curl -X GET "https://test.prometeo.qualia.uy/account/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/account/', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" })
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/account/", "json": true, "headers": { "X-API-Key": "<api key>" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
{ "accounts": [ { "balance": 1234.95, "branch": "02 - 18 De Julio", "currency": "UYU", "id": "hash1", "name": "Cuenta total", "number": "001234567890" }, { "balance": 12.01, "branch": "02 - 18 De Julio", "currency": "USD", "id": “hash2”, "name": "Cuenta total", "number": "005234567890" }, { "balance": 4301, "branch": "61 - Ciudad Vieja", "currency": "UYU", "id": "hash3", "name": "Caja De Ahorro Atm", "number": "007234567890" }, { "balance": 53.96, "branch": "61 - Ciudad Vieja", "currency": "USD", "id": "hash4", "name": "Caja De Ahorro Atm", "number": "007234567890" } ], "status": "success" }
GET /movement/
Parameters | Description |
---|---|
account |
Account number (it’s the ‘number’ value in the endpoint /account/ response). |
currency |
currency in format ISO 4217 in UYU or USD. |
date_start |
start date of the transactions, format DD/MM/YYYY |
date_end |
finish date of the transactions, format DD/MM/YYYY |
key |
Authentication code. It must be used in all the requests. |
Response | Description |
---|---|
status | |
movements |
transactions list. |
GET /movement/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb&account=12345¤cy=UYU&date_start=22%2F11%2F2017&date_end=23%2F11%2F2017 HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key>
curl -X GET "https://test.prometeo.qualia.uy/movement/?key=959602df-d3ee-4898-b6d8-a28a2c7486fb&account=12345¤cy=UYU&date_start=22%2F11%2F2017&date_end=23%2F11%2F2017" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/movement/', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb", "account": "12345", "currency": "UYU", "date_start": "22/11/2017", "date_end": "23/11/2017" })
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/movement/", "json": true, "headers": { "X-API-Key": "<api key>" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb", "account": "12345", "currency": "UYU", "date_start": "22/11/2017", "date_end": "23/11/2017" } });
{ "final_balance": "undefined", "initial_balance": "undefined", "movements": [ { "credit": "", "date": "12/01/2017", "debit": 3500, "detail": "RETIRO EFECTIVO CAJERO AUTOMATICO J.C. GOMEZ 1372, MONTEVIDEO TARJ: 4303090202018993", "id": -890185180, "reference": "000000005084" }, { "credit": "", "date": "05/01/2017", "debit": 16000, "detail": "RETIRO EFECTIVO CAJERO AUTOMATICO J.H Y OBES 1389, MONTEVIDEO TARJ: 4303090202018993", "id": 1024917397, "reference": "000000002931" }, { "credit": 98640, "date": "03/01/2017", "debit": "", "detail": "SUELDOS 123456TT RECIBIDA /Qualia Fintech S.R.L", "id": 1303899175, "reference": "TR0003858408" } ], "status": "success" }
POST /transfer/preprocess
Parameters | Description |
---|---|
origin_account |
Account number from where it’s transferred. |
destination_institution |
Institution Id where it is transferred. (The id is in the response of the endpoint /account/). |
destination_account |
Destination account where it is transfered |
currency |
Code: ISO 4217 of the currency used for the transaction. |
amount |
Transfer amount. |
concept |
Concept or description of the transfer. |
destination_owner_name |
Name of the holder of the destination account (not required). |
branch |
Branch number of the destination account (not required). |
Response | Description |
---|---|
status | |
result |
|
var request = require('request'); request.post({ "url": "https://test.prometeo.qualia.uy/transfer/preprocess", "json": true, "headers": { "X-API-Key": "<api key>" }, "form": { "origin_account": "002206345988", "destination_institution": 0, "destination_account": "001002363321", "currency": "UYU", "amount": 1.3, "concept": "descripcion de transferencia", "destination_owner_name": "John Doe", "branch": 62 }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
curl -X POST "https://test.prometeo.qualia.uy/transfer/preprocess?key=959602df-d3ee-4898-b6d8-a28a2c7486fb" -d 'origin_account=002206345988&destination_institution=0&destination_account=001002363321¤cy=UYU&amount=1.3&concept=descripcion+de+transferencia&destination_owner_name=John+Doe&branch=62' -H "X-API-Key: <api key>"
import requests requests.post('https://test.prometeo.qualia.uy/transfer/preprocess', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" }, data={ "origin_account": "002206345988", "destination_institution": 0, "destination_account": "001002363321", "currency": "UYU", "amount": 1.3, "concept": "descripcion de transferencia", "destination_owner_name": "John Doe", "branch": 62 })
var request = require('request'); request.post({ "url": "https://test.prometeo.qualia.uy/transfer/preprocess", "json": true, "headers": { "X-API-Key": "<api key>" }, "form": { "origin_account": "002206345988", "destination_institution": 0, "destination_account": "001002363321", "currency": "UYU", "amount": 1.3, "concept": "descripcion de transferencia", "destination_owner_name": "John Doe", "branch": 62 }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
{ "result": { "approved": true, "authorization_devices": [ { "data": ["F-4", "B-2", "G-7"], "type": "cardCode" }, { "data": null, "type": "pin" } ], "message": null, "request_id": "0b7d6b32d1be4c11bde21e7ddc08cc36" }, "status": "success" }
POST /transfer/confirm
Parameters | Description |
---|---|
request_id |
Request Id (The id is in the response of the endpoint /transfer/preprocess). |
authorization_type |
Verification method. The verification method is in the response of the endpoint /transfer/preprocess. It’s not required. |
authorization_data |
Verification value (pin number, coordinate card, etc). In case of more than one value, they must be separated with commas. |
POST /transfer/confirm?key=959602df-d3ee-4898-b6d8-a28a2c7486fb HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key> request_id=0b7d6b32d1be4c11bde21e7ddc08cc36&authorization_type=cardCode&authorization_data=1%2C2%2C3
curl -X POST "https://test.prometeo.qualia.uy/transfer/preprocess?key=959602df-d3ee-4898-b6d8-a28a2c7486fb" -d 'origin_account=002206345988&destination_institution=0&destination_account=001002363321¤cy=UYU&amount=1.3&concept=descripcion+de+transferencia&destination_owner_name=John+Doe&branch=62' -H "X-API-Key: <api key>"
import requests requests.post('https://test.prometeo.qualia.uy/transfer/preprocess', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" }, data={ "origin_account": "002206345988", "destination_institution": 0, "destination_account": "001002363321", "currency": "UYU", "amount": 1.3, "concept": "descripcion de transferencia", "destination_owner_name": "John Doe", "branch": 62 })
var request = require('request'); request.post({ "url": "https://test.prometeo.qualia.uy/transfer/confirm", "json": true, "headers": { "X-API-Key": "<api key>" }, "form": { "request_id": "0b7d6b32d1be4c11bde21e7ddc08cc36", "authorization_type": "cardCode", "authorization_data": "1,2,3" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
{ "status": "success", "transfer": { "message": "", "success": true } }
POST /transfer/destinations
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/transfer/destinations", "json": true, "headers": { "X-API-Key": "<api key>" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
curl -X GET "https://test.prometeo.qualia.uy/transfer/destinations?key=959602df-d3ee-4898-b6d8-a28a2c7486fb" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/transfer/destinations', headers={'X-API-Key': '<api key>'}, params={ "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" })
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/transfer/destinations", "json": true, "headers": { "X-API-Key": "<api key>" }, "qs": { "key": "959602df-d3ee-4898-b6d8-a28a2c7486fb" } });
{ "destinations": [ { "id": 0, "name": "SANTANDER" }, { "id": 1, "name": "B.R.O.U." }, { "id": 91, "name": "B.H.U." }, { "id": 110, "name": "BANDES" } ], "status": "success" }
GET /provider/
Response | Description |
---|---|
status | |
providers |
Suppliers list. A supplier is a source of financial data. |
GET /provider/? HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key>
curl -X GET "https://test.prometeo.qualia.uy/provider/?" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/provider/', headers={'X-API-Key': '<api key>'})
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/provider/", "json": true, "headers": { "X-API-Key": "<api key>" } });
{ "providers": [ { "code": "test", "country": "UY", "name": "Test Provider" }, ... ], "status": "success" }
GET /provider/{code}/
Response | Description |
---|---|
status | |
providers |
Supplier data |
GET /provider/test/? HTTP/1.1 Host: test.prometeo.qualia.uy Accept: application/json X-API-Key: <api key>
curl -X GET "https://test.prometeo.qualia.uy/provider/test/?" -H "X-API-Key: <api key>"
import requests requests.get('https://test.prometeo.qualia.uy/provider/test/', headers={'X-API-Key': '<api key>'})
var request = require('request'); request.get({ "url": "https://test.prometeo.qualia.uy/provider/test/", "json": true, "headers": { "X-API-Key": "<api key>" } });
{ "provider": { "auth_fields": [ { "interactive": false, "name": "username", "type": "text" }, { "interactive": false, "name": "password", "type": "password" } ], "country": "UY", "name": "test" }, "status": "success" }